As part of our continued commitment to making the world a safer place, SecurityScorecard recently partnered with the Transportation Security Administration (TSA). This partnership will enable the agency to more accurately monitor and assess the cyber health of the nation’s pipeline, rail, and aviation transportation systems.
We will work closely with the TSA’s Surface Operations Cybersecurity Assurance Division to provide cyber vulnerability monitoring, security ratings, and threat intelligence for entities the TSA partners with for security resilience. These automated capabilities will allow the agency to monitor public-facing Internet applications and services owned and operated by the nation’s critical infrastructure.
Protecting our critical infrastructure
SecurityScorecard applauds the TSA for its leadership in managing cyber risk and advancing the federal government’s efforts towards cyber resilience. This partnership with the TSA builds on SecurityScorecard’s recent momentum in the public sector, particularly our relationship with CISA, which is enhancing the cyber resilience of vulnerable and under-resourced critical infrastructure sectors. We have also partnered with the National Association of Counties (NACo), the Conference of State Bank Supervisors (CSBS), as well as several other critical public sector entities. Collectively, these alliances have enabled us to share critical cyber threat information with key institutional partners, while ensuring they have access to real-time data to monitor and protect critical assets.
Our recent report with The Cyentia Institute revealed that 61 percent of public sector agencies have open cyber vulnerabilities, taking a median of 309 days to remediate them. The report on critical infrastructure that we released at this year’s World Economic Forum found that cyber resilience is getting worse, not better. To ensure the continued safety of our critical infrastructure systems and protect national security, we must foster close relationships and increased communication between the public and private sectors.
Partnering with the private sector to preserve trust
With that in mind, the TSA’s private sector partners will receive complimentary access to SecurityScorecard’s comprehensive security ratings, automated assessments, and guidance from industry experts. Critical infrastructure operators will receive findings in easy-to-understand A-F graded scorecards with collaborative mechanisms to remediate observed cybersecurity risks. This will enable more effective compliance reporting, improved communication, and informed decision-making. As governments globally struggle to measure and communicate more effectively on cyber risk, the TSA’s usage of our platform serves as a model for how other sector risk management agencies can partner with industry to measure and report on collective progress.
The power of automation in critical infrastructure security
With 60-70% of cyber incidents originating in the vendor ecosystem, it’s key for agencies in the public sector to have an automated, robust third-party risk management (TPRM) program in place to identify and address cyber risk. Not only will a strong TPRM program reduce risk and ensure accountability and compliance, it will also save time and free up additional organizational resources.
Organizations can automate and scale many of the functions in their vendor risk management programs with security assessments, which complement security ratings for a complete inside-out view of vendor risk. Using automation and machine learning to validate vendor responses will shorten the assessment process by as much as 83%.
Whether it’s working with our partners in the public sector to assess the health of their cybersecurity environments, assisting private companies as they audit their third-party vendors, or responding to cyber incidents, SecurityScorecard is always seeking to improve communication, boost cyber resilience, and change the way the world measures trust.
For more information on how to better secure your organization, and our continued efforts to make the world a safer place, visit SecurityScorecard.